NetBSD/sys/opencrypto
jonathan 2632a233ba No change. Forced commit to record commit message for previous revision, viz:
Fix vulnerability to a denial-of-service attack which passes a
length-0 crypto op. Check for zero length and return EINVAL, taken from:

    http://cvsweb.FreeBSD.org/src/sys/opencrypto/cryptodev.c.diff?r1=1.25&r2=1.26

Original FreeBSD log mesage:

  Modified files:
    sys/opencrypto       cryptodev.c
  Log:
  Fix bogus check. It was possible to panic the kernel by giving 0 length.
  This is actually a local DoS, as every user can use /dev/crypto if there
  is crypto hardware in the system and cryptodev.ko is loaded (or compiled
  into the kernel).

  Reported by:    Mike Tancsa <mike@sentex.net>


thanks to Sam Leffler for passing on a heads-up about this issue.
2005-08-22 23:11:47 +00:00
..
Makefile
criov.c
crypto.c
cryptodev.c
cryptodev.h
cryptosoft.c
cryptosoft.h
deflate.c
deflate.h
files.opencrypto
xform.c
xform.h